CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

177 matches found

CVE-2026-52917

The CVE-2026-52917 vulnerability affects the Linux kernel SCTP implementation, specifically in the sock_diag dump_one path used by inet_diag. When a transport reference is held, the code can block on lock_sock(sk) and resume after sctp_association_free() marks the association dead and frees its b...

5.7AI score0.00176EPSS

Exploits0References8

EUVD•added yesterday•7 views

EUVD-2026-38720

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

5.7AI score0.00176EPSS

Exploits0References8

Debian CVE•added yesterday•3 views

CVE-2026-52917

5.6AI score0.00176EPSS

Exploits0

RedhatCVE•added 2026/06/05 7:40 p.m.•10 views

CVE-2026-25901

Lack of output escaping leads to a XSS vector in the multilingual associations component...

6.9CVSS5.4AI score0.00175EPSS

Exploits0References1

NVD•added 2026/06/05 6:17 p.m.•10 views

CVE-2026-2379

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

8.2CVSS0.00226EPSS

Exploits0References1

ATTACKERKB•added 2026/06/05 5:59 p.m.•6 views

CVE-2026-2379

8.2CVSS5.4AI score0.00226EPSS

Exploits0References2Affected Software1

EUVD•added 2026/06/05 5:59 p.m.•7 views

EUVD-2026-34875

8.2CVSS5.4AI score0.00226EPSS

Exploits0References1

Vulnrichment•added 2026/06/05 5:59 p.m.•8 views

CVE-2026-2379 Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled

8.2CVSS5.4AI score0.00226EPSS

Exploits0References1

CVE•added 2026/06/05 5:59 p.m.•26 views

CVE-2026-2379

The CVE-2026-2379 issue affects Arista EOS on hardware IPSec platforms where anti-replay is disabled. When IPsec is enabled, specific events (physical interface flaps or certain agent restarts) can trigger IPsec tunnel re-establishment using existing SAs, causing sequence number mismatches betwee...

8.2CVSS5.4AI score0.00226EPSS

Exploits0References1

NVD•added 2026/06/01 7:16 p.m.•10 views

CVE-2026-45277

Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can request approval. This issue has been patched in version 2.7.2...

3.3CVSS0.0013EPSS

Exploits0References3

Cvelist•added 2026/06/01 4:51 p.m.•27 views

CVE-2026-45277 Nextcloud: Information disclosure in Nextcloud Approval app via fileId parameter reveals workflow associations

3.3CVSS0.0013EPSS

Exploits0References3

Vulnrichment•added 2026/06/01 4:51 p.m.•9 views

CVE-2026-45277 Nextcloud: Information disclosure in Nextcloud Approval app via fileId parameter reveals workflow associations

3.3CVSS5.9AI score0.0013EPSS

Exploits0References3

CVE•added 2026/06/01 4:51 p.m.•16 views

CVE-2026-45277

Nextcloud (Approval app) suffers information disclosure via the fileId parameter: authenticated users can determine whether arbitrary files are linked to specific approval workflows. Root cause appears to be insufficient access controls exposing workflow associations. The issue is confirmed resol...

3.3CVSS5.9AI score0.0013EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/06/01 12:0 a.m.•13 views

PT-2026-45522

Name of the Vulnerable Software and Affected Versions Nextcloud versions prior to 2.7.2 Description Authenticated users can verify if arbitrary files are linked to specific approval workflows used for requesting approval. Recommendations Update to version 2.7.2...

3.3CVSS5.9AI score0.0013EPSS

Exploits0References5